Common Vulnerabilities and Exposures by NIST

CVE-2014-5895 N/A

2014-09-15 2014-09-15

The ShopYourWay (aka com.sears.shopyourway) application 1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-5896 N/A

2014-09-15 2014-09-15

The GlobalTalk- free phone calls (aka com.seawolftech.globaltalk) application 2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-5897 N/A

2014-09-15 2014-09-15

The Parallel Mafia MMORPG (aka com.perblue.pm.client) application @7F070000 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-5898 N/A

2014-09-15 2014-09-15

The Heavy Duty Truck Driver Simulator 3D (aka com.oas.heavy.duty.truck.driver.simulator3d) application 1.0.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-5899 N/A

2014-09-15 2014-09-15

The Nespresso (aka com.nespresso.activities) application 2.4.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-5900 N/A

2014-09-15 2014-09-15

The myHomework Student Planner (aka com.myhomeowork) application 3.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-5901 N/A

2014-09-15 2014-09-15

The Beauty Bible - App for Girls (aka com.my.beauty.bible) application 5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-5902 N/A

2014-09-15 2014-09-15

The UA Cinemas - Mobile ticketing (aka com.mtel.uacinemaapps) application 2.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A

CVE-2014-5903 N/A

2014-09-15 2014-09-15

The Mobile@Work (aka com.mobileiron) application 6.0.0.1.12R for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Vendor(s): N/A

Affected OS(s) / software(s): N/A